ThreatQuotient research reveals that only 18% of organisations are automating alert triage.
ThreatQuotient, a security operations platform innovation company, has released the results of its “State of Enterprise Cybersecurity Automation in 2022” report.
The study is based on surveys of 750 professionals in Central Government, Defence, Critical National Infrastructure, Retail and Financial Services sectors in the UK, US and Australia.
Confidence in automation
The survey reveals that 84% of companies have become more confident in security automation processes. This represents a 25% increase in confidence compared to last year’s response (59%).
As the survey shows, companies are working on automating various elements of their security strategy, but recognise that there are some barriers to implementing the strategy.
Among the barriers that the organisations detect in implementing the security strategy, the technology itself stands out as the first obstacle to implementing automation with 21% of the responses, followed by the lack of knowledge and the lack of acceptance by the management of the different organisations with 17% in both cases.
98% of professionals surveyed say that budgets for automation are increasing, but they also feel that this increased investment in security automation is at the expense of budgets planned for other departments, in particular, 30% are reallocating unused personnel budgets.
More than a third of IT security solution managers surveyed (37%) admit to having more problems with executive management, compared to 19% who find other jobs more problematic.
On the other hand, organisations are trending favourably towards automating threat intelligence management and incident response by a further 26.5%, and with phishing analysis and vulnerability management by 26% and 25% respectively.
In terms of automation capability and usage, 63% of organisations rated themselves between 2 and 3 points in exploring some use cases for cybersecurity automation, but feel there is still considerable room for improvement on a scale of 1 to 5.
The most surprising finding of the State of Enterprise Cybersecurity Automation in 2022 report is that only 18% of surveyed professionals acknowledge that they are automating alert triage, although this is a great way for enterprises to reduce the burden of manual review and prioritisation.
Leon Ward, Vice President of Product Management at ThreatQuotient, said after the launch of the report: “Cybersecurity automation acts as a foundation to support the rapidly evolving security frontiers of tomorrow. While the research shows that organisations have certainly made progress in the last year in using automation to manage routine work and improve overall cybersecurity maturity, many teams still report challenges with automation.